hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-01 16:56:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,673 Branches 157 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Bartolomeo
4c23ad100e C++: Rename a few IR APIs 
There are a few IR APIs that we've found to be confusingly named. This PR renames them to be more consistent within the IR and with the AST API:

`Instruction.getFunction` -> `Instruction.getEnclosingFunction`: This was especially confusing when you'd call `FunctionAddressInstruction.getFunction` to get the function whose address was taken, and wound up with the enclosing function instead.

`Instruction.getXXXOperand` -> `Instruction.getXXX`. Now that `Operand` is an exposed type, we want a way to get a specific `Operand` of an `Instruction`, but more often we want to get the definition instruction of that operand. Now, the pattern is that `getXXXOperand` returns the `Operand`, and `getXXX` is equivalent to `getXXXOperand().getDefinitionInstruction()`.

`Operand.getInstruction` -> `Operand.getUseInstruction`: More consistent with the existing `Operand.getDefinitionInstruction` predicate.
 2019-02-06 22:43:49 -08:00
Robert Marsh
97c5b8ee44 Merge pull request #882 from jbj/ir-ConstantAnalysis-perf 
C++: Speed up IR ConstantAnalysis
 2019-02-06 22:29:09 -08:00
Dave Bartolomeo
1f873d0c9c Merge pull request #890 from aeyerstaylor/more-field-overriding 
C++: Use more field overriding in IR construction
 2019-02-06 17:04:43 -08:00
Max Schaefer
95185345fd Merge pull request #897 from Semmle/revert-817-closure-modules 
Revert "JS: Add support for Closure modules"
 2019-02-06 18:14:50 +00:00
Asger F
e46e2b2515 Revert "JS: Add support for Closure modules" 2019-02-06 17:30:45 +00:00
calum
ce7e9901cc C#: Address review comments. 2019-02-06 17:15:43 +00:00
semmle-qlci
b8be66ec48 Merge pull request #887 from asger-semmle/jsdoc-accessors 
Approved by xiemaisi
 2019-02-06 16:30:48 +00:00
semmle-qlci
b13c11017c Merge pull request #885 from asger-semmle/async-waterfall 
Approved by xiemaisi
 2019-02-06 16:30:17 +00:00
Esben Sparre Andreasen
235625d03a Merge branch 'master' into js/vue-support-1 2019-02-06 16:57:16 +01:00
semmle-qlci
09825f28ed Merge pull request #817 from asger-semmle/closure-modules 
Approved by esben-semmle, xiemaisi
 2019-02-06 15:51:53 +00:00
Tom Hvitved
8812f26517 C#: Address review comments 2019-02-06 13:17:47 +01:00
Tom Hvitved
c3378c44a1 C#: Prevent bad magic in getArgumentForParameter() 2019-02-06 13:09:56 +01:00
Calum Grant
dd75e5bce3 Merge pull request #877 from hvitved/csharp/matches-handle 
C#: Use `matchesHandle()` instead of `getLabel()`
 2019-02-06 11:02:09 +00:00
semmle-qlci
a2691b32b5 Merge pull request #851 from xiemaisi/js/post-message-star 
Approved by esben-semmle
 2019-02-06 09:57:04 +00:00
Asger F
abb7e63697 JS: update GlobalVariableRef.expected 2019-02-06 09:16:30 +00:00
Asger F
44939263e4 JS: update TRAP files 2019-02-06 09:12:16 +00:00
Asger F
c52ed9152f JS: handle .mjs files correctly 2019-02-06 09:12:10 +00:00
Esben Sparre Andreasen
fb19032038 JS: change notes for Vue support 2019-02-06 09:38:00 +01:00
Esben Sparre Andreasen
f15af70c02 JS: use HTML::ScriptElement::getScript in Vue 2019-02-06 09:38:00 +01:00
Esben Sparre Andreasen
5e2b1c026a JS: introduce HTML::ScriptElement::getScript() 2019-02-06 09:38:00 +01:00
Esben Sparre Andreasen
a78dd422b6 JS: add query js/vue/arrow-method-on-vue-instance 2019-02-06 09:38:00 +01:00
Esben Sparre Andreasen
ea175b2a9f JS: introduce Vue XSS sinks 2019-02-06 09:38:00 +01:00
Esben Sparre Andreasen
a6cfee5f26 JS: prevent inlining of three auxiliary Vue methods 2019-02-06 09:37:23 +01:00
Esben Sparre Andreasen
ddf9ca2505 JS: introduce base Vue model 2019-02-06 09:37:23 +01:00
Geoffrey White
2321ae911e CPP: Fix the test by adding PotentiallyDangerousFunction. 2019-02-05 17:58:30 +00:00
Geoffrey White
018450500d CPP: Fix closing tag. 2019-02-05 17:58:30 +00:00
Geoffrey White
c05df6ea4c CPP: Add reference. 2019-02-05 17:58:30 +00:00
Geoffrey White
f73a3a6a24 CPP: Explain the danger of gets a bit more in qhelp. 2019-02-05 17:58:30 +00:00
Geoffrey White
0541950c44 CPP: Clean up PotentialBufferOverflow.ql a bit. 2019-02-05 17:58:30 +00:00
Geoffrey White
2a708d3243 CPP: Change note. 2019-02-05 17:58:30 +00:00
Geoffrey White
c32e1b8000 CPP: Change the @name of PotentialBufferOverflow.ql to be in line with everything else. 2019-02-05 17:58:30 +00:00
Geoffrey White
f7e7737789 CPP: Update qhelp. 2019-02-05 17:58:30 +00:00
Geoffrey White
87a25f0cbe CPP: Update CWE tags. 2019-02-05 17:58:30 +00:00
Geoffrey White
429f53ed74 CPP: Move the 'gets' case. 2019-02-05 17:58:30 +00:00
Geoffrey White
a82832e779 CPP: Add a test that uses 'gets'. 2019-02-05 17:58:30 +00:00
Geoffrey White
bbc8e7886b CPP: Rearrange PotentiallyDangerousFunction.ql. 2019-02-05 17:58:30 +00:00
Asger F
ddd72190cb JS: change note 2019-02-05 16:59:29 +00:00
Asger F
46b996a936 JS: autoformat ¯\_(ツ)_/¯ 2019-02-05 16:52:06 +00:00
Asger F
8924aa3ee0 JS: add test case 2019-02-05 16:51:21 +00:00
Asger F
cad5a064cd JS: recognize a-sync-waterfall package 2019-02-05 16:38:47 +00:00
semmle-qlci
4b81ffab96 Merge pull request #869 from hvitved/csharp/autoformat 
Approved by calumgrant
 2019-02-05 16:35:10 +00:00
Tom Hvitved
37c55750f7 Merge pull request #873 from calumgrant/cs/format-getresource-strings 
C#: Fix FP in cs/format-argument-unused
 2019-02-05 17:12:04 +01:00
Taus Brock-Nannestad
b550da2b45 Improve change note. 2019-02-05 16:01:45 +01:00
yh-semmle
3e8f7a740c Merge pull request #838 from aschackmull/java/taint-collections 
Java: Add additional taint steps through collections.
 2019-02-05 09:59:24 -05:00
Esben Sparre Andreasen
b72441f9c2 JS: use StringOps:: in js/incomplete-url-substring-sanitization 2019-02-05 15:17:55 +01:00
Tom Hvitved
23b9b1eb72 C#: Cache Splits::toString() 2019-02-05 15:01:25 +01:00
Anders Schack-Mulligen
fe7add77d2 Java: Account for the repo move in NonSecurityTestClass. 2019-02-05 14:31:40 +01:00
Tom Hvitved
8c7c582e07 C#: Move successor types into own file 2019-02-05 14:27:09 +01:00
Tom Hvitved
0992e01f91 C#: Move Splitting and Reachability modules into own file 2019-02-05 14:27:09 +01:00
Tom Hvitved
3503e9b57e C#: Move PreSsa module into own file 2019-02-05 14:27:09 +01:00